I have Sophos UTM along with a few APs at home and want to try out some other firewalls (looking for better tracking and reporting to understand what my kids are doing on the internet). But, Id like to keep the APs and use the UTM as a controller. I see a posting on how to do this (Set UTM 9 to be ONLY wireless AP controller): Configure UTM with only one interface (LAN) and point default gateway parameter to your new router. Enable DHCP service on UTM and configure it with AP Magic (DHCP 234) option But, have a couple of questions: Assuming the wifi is bridged to LAN (APs on the same LAN), does the client traffic from the AP go to the UTM and then back to the LAN, or does the AP bridge it? I also want to do a guest wifi. How would that traffic flow? I imagine it has to flow through the UTM to keep separate from the LAN, and then I should send to the router via a separate VLAN or interface Asking because I am going to upgrade to 10gbe on the router and switches, but not the UTM, and wondering how much of a bottleneck that would be for wifi. Thanks.

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM as WAP Controller with Guest Network

I have Sophos UTM along with a few APs at home and want to try out some other firewalls (looking for better tracking and reporting to understand what my kids are doing on the internet). But, Id like to keep the APs and use the UTM as a controller. I see a posting on how to do this (Set UTM 9 to be ONLY wireless AP controller):

Configure UTM with only one interface (LAN) and point default gateway parameter to your new router. Enable DHCP service on UTM and configure it with AP Magic (DHCP 234) option

But, have a couple of questions:

Assuming the wifi is bridged to LAN (APs on the same LAN), does the client traffic from the AP go to the UTM and then back to the LAN, or does the AP bridge it?
I also want to do a guest wifi. How would that traffic flow? I imagine it has to flow through the UTM to keep separate from the LAN, and then I should send to the router via a separate VLAN or interface

Asking because I am going to upgrade to 10gbe on the router and switches, but not the UTM, and wondering how much of a bottleneck that would be for wifi.

Thanks.

This thread was automatically locked due to age.

Parents

0 jgore over 2 years ago

I got the normal wifi traffic working, using that DHCP option above. Now trying to figure out how to do the guest access. I can use a spare interface to send the guest wifi traffic from the UTM to the new router, but not sure how to configure that. I dont want the UTM to NAT it (the new router will do that). I tried a few things using static routes, but cant seem to get it working.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 jgore over 2 years ago

I got the normal wifi traffic working, using that DHCP option above. Now trying to figure out how to do the guest access. I can use a spare interface to send the guest wifi traffic from the UTM to the new router, but not sure how to configure that. I dont want the UTM to NAT it (the new router will do that). I tried a few things using static routes, but cant seem to get it working.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data